unofficial mirror of bug-gnu-emacs@gnu.org 
From: Eli Zaretskii <eliz@gnu.org>
To: "Basil L. Contovounesios" <contovob@tcd.ie>
Cc: 50571@debbugs.gnu.org
Subject: bug#50571: 28.0.50; Redisplay segfaults with empty face cache
Date: Sun, 19 Sep 2021 18:47:32 +0300
Message-ID: <83ee9k4lez.fsf@gnu.org>
In-Reply-To: <87v92wacsx.fsf@tcd.ie> (contovob@tcd.ie)

> From: "Basil L. Contovounesios" <contovob@tcd.ie>
> Cc: 50571@debbugs.gnu.org
> Date: Sun, 19 Sep 2021 14:57:02 +0100
> 
> Unfortunately I found another hole that needs plugging, but fortunately
> I can reliably reproduce it with the following site-specific steps:
> 
> 0. emacs
> 1. C-x p p (project-switch-project)
> 2. Select a checkout of https://github.com/abo-abo/swiper,
>    using Ivy completion.
> 3. f (project-find-file)
> 4. ivy.el RET
> 5. C-s (isearch-forward)
> 6. C-g
> 7. M-s s (counsel-grep-or-swiper)
> 8. #[[:digit:]]
> 
> This brings a bug-reference-bug-regexp match onto screen, which again
> triggers a frame creation via bug-reference's call to display-warning.
> 
> The attached GDB log shows where the relevant frame's face cache is
> cleared right before the crash (search for 'New value = 0'), at which
> point f->inhibit_clear_image_cache is false.

Thanks for the data.  I guess this is a preview of how allowing
arbitrary Lisp that affects the display in fontification-functions
will keep shooting us in the foot, time and again.

Please try the patch below.

diff --git a/src/xdisp.c b/src/xdisp.c
index 2e72f6b..8b56fee 100644
--- a/src/xdisp.c
+++ b/src/xdisp.c
@@ -4288,12 +4288,17 @@ handle_fontified_prop (struct it *it)
       struct buffer *obuf = current_buffer;
       ptrdiff_t begv = BEGV, zv = ZV;
       bool old_clip_changed = current_buffer->clip_changed;
+      bool saved_inhibit_flag = it->f->inhibit_clear_image_cache;
 
       val = Vfontification_functions;
       specbind (Qfontification_functions, Qnil);
 
       eassert (it->end_charpos == ZV);
 
+      /* Don't allow Lisp that runs from 'fontification-functions'
+	 clear our face and image caches behind our backs.  */
+      it->f->inhibit_clear_image_cache = true;
+
       if (!CONSP (val) || EQ (XCAR (val), Qlambda))
 	safe_call1 (val, pos);
       else
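
Review bot: The comment added above `it->f->inhibit_clear_image_cache = true;` says the flag protects "our face and image caches", but the flag's name mentions only the image cache, so a reader of handle_fontified_prop cannot tell from here why setting it also keeps the face cache intact. Suggest the comment say where face-cache clearing checks this flag. The comment's wording also needs "to clear" (or "from clearing") after "Don't allow Lisp that runs from 'fontification-functions'".
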
@@ -4327,6 +4332,7 @@ handle_fontified_prop (struct it *it)
 	    }
 	}
 
+      it->f->inhibit_clear_image_cache = saved_inhibit_flag;
       unbind_to (count, Qnil);
 
       /* Fontification functions routinely call `save-restriction'.
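
Review bot: The restore `it->f->inhibit_clear_image_cache = saved_inhibit_flag;` is a plain assignment placed just before `unbind_to (count, Qnil)`, so it runs only when control falls through to this line. The binding made with `specbind (Qfontification_functions, Qnil)` is undone through the unwind machinery, while the frame flag is not; if anything called between the two hunks can exit non-locally, the flag stays true and cache clearing stays inhibited for that frame. Consider restoring the flag from an unwind handler registered next to the specbind, so that both are undone together.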
